A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : TLS Server Identity Pinning with Tickets Author : Yaron Sheffer Filename : draft-sheffer-tls-pinning-ticket-00.txt Pages : 14 Date : 2015-10-11 Abstract: Fake public-key certificates are an ongoing problem for users of TLS. Several solutions have been proposed, but none is currently in wide use. This document proposes to extend TLS with opaque tickets, similar to those being used for TLS session resumption, as a way to pin the server's identity. That is, to ensure the client that it is connecting to the right server even in the presence of corrupt certificate authorities and fake certificates. The main advantage of this solution is that no manual management actions are required. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-sheffer-tls-pinning-ticket/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-00 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt